SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks | Microsoft Security Blog

Executive summary Forest Blizzard, a threat actor linked to the Russian military, has been compromising insecure home and small-office internet equipment like routers, then modifying their settings in ways that turn them into part of the actor’s malicious infrastructure.